Yes, ... a pretty good rule set, albeit quite aggressive. Did already tweak a fair bit on configuration earlier ... I'm sure there will be occasional items (notably false positives) that come up. Fortunately thus far they've been pretty few, but yes, will need to deal with those - at least as feasible and appropriate.
But overall, at least thus far, I've been quite pleased with it. I do also quite like the greylisting - which I also did tweak (to initial delay of only 2 minutes - much more tolerable / less annoying, for legitimate email that encounters such). I like being able to add domains that are (almost?) entirely spam to such, so that they seem to (thus far) entirely thwart the spam, ... but should a legitimate email ever come from such a domain - well, then it generally would/should actually make it through ... just with a wee bit more delay is all. But yeah, some of the other email addresses (and ISPs, etc.) I have ... sometimes I look over the spam for sending domains, and for those I've never ever yet seen any non-spam use of, rather than block 'em outright, I just tighten the screws a bit more so spam from such is more probable to not make it through, while leaving it still at least reasonable for legitimate email (should there ever be such from such a domain) to reasonably make it through.
Another thing I notice ... seems the spammers are learning a bit ... and/or some of eximconfig's database tracking - the (attempted) spam volumes seem to be trending down from earlier ... probably started out as "ooh, fresh meat, let's see if we can spam there" - or so the spambots would behave ... but weeks later, perhaps more like: "uh, ... that's a harder target ... let's not spend quite as much resource trying on that one". Whether it's the spambots, or eximconfig (notably with database bits), seems one or both are learning ... at least some reasonable bit (or ... maybe as statistical fluke, or unrelated correlation? ... who knows. I don't exactly have huge volumes of data to compare and review and do trend analysis on ... at least yet).
From: "Rick Moen" rick@linuxmafia.com
Subject: Re: [BALUG-Admin] anti-spam false positive ... egad, that was annoying to track down ...
Date: Wed, 16 Aug 2017 10:25:25 -0700
Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):
anti-spam false positive ... egad, that was annoying to track down ...
So ... got posting failure(s), e.g. (slightly trimmed):
I don't think much of the 'verified' thing. Can't recall whether I ever tested it. (BTW, my current MTA doesn't use EximConfig's rulesets, because this system was put together in a hurry.)
Occasionally, you will find rules that are poorly thought out or misbegotten. Then, you'll need to decide whether to remove or fix them.